On Wed, 2011-11-16 at 13:35 -0500, Milind Kadam wrote: > > Hi Srivatsan, > > Don't whether this is helpful or not. The Web server has been setup on > Windows 2003 SP 2. > > I was reading at http://oaklandsoftware.com/papers/ntlm.html and came > across following quote; is this true? > > "As mentioned in the above KB article, the default configuration for > Windows Server 2003 is to require the use of NTLM V2 only. > If you are getting a HTTP 500 Response code, accompanied by the > message: "-2146893054 (0x80090302)" (which may manifest in a browser > as "The function requested is not supported" if 'friendly errors' is > turned on at the browser). this means that IIS is expecting an NTLM V2 > authentication and not getting it. Normally when NTLM authentication > fails, you will get a 401 response, however this case appears to be > handled differently by IIS. If you are getting this response with a > Java HTTP implementation, make sure the implementation correctly > supports NTLM V2." > > Also I have attached my code; you need to modify for your URL, host > and domain. > > Any help from you is appreciated as I am stuck on this problem for > almost two weeks now. > > Thanks a lot. > Milind > >
Try using JCIFS as an NTLN engine instead of the one shipped with HttpClient as described here: http://hc.apache.org/httpcomponents-client-ga/ntlm.html Oleg > > On Wed, Nov 16, 2011 at 11:01 AM, Srivatsan > <[email protected]> wrote: > > Milind - I am yet to try the option suggested by Oleg. > However, got it > working with the code given in the link - > http://www.muneebahmad.com/index.php/archives/127 > > Regards, > Srivatsan > > > mkjee wrote: > > > > > > Hi Srivatsan, > > > > I have a similar issue where URL works fine via browser but > fails from > > JAVA client when web server is IIS with NTLM authentication. > Did you find > > any solution for this problem? > > > > Thanks in advance, > > Milind > > > > > > > > > > Srivatsan wrote: > >> > >> Have a similar issue. With the code below - authentication > is > >> unsuccessful when using the credentials of a local user. By > local user, > >> the domain name / realm is the host itself. However, > authentication is > >> successful with the same credentials when accessed from > browser. > >> > >> DefaultHttpClient httpclient = new > DefaultHttpClient(); > >> List<String> authpref = new > ArrayList<String>(); > >> authpref.add(AuthPolicy.NTLM); > >> > httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, > >> authpref); > >> NTCredentials creds = new NTCredentials("uid", > "pwd", "ip", "domain"); > >> > httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, > >> creds); > >> HttpHost target = new HttpHost(<IP>, 80, > "http"); > >> // Make sure the same context is used to > execute logically related > >> requests > >> HttpContext localContext = new > BasicHttpContext(); > >> // Execute a cheap method first. This will > trigger NTLM authentication > >> HttpGet httpget = new HttpGet(<URL>); > >> HttpResponse response; > >> try { > >> response = httpclient.execute(target, > httpget, localContext); > >> System.out.println("Status Code:" + > >> response1.getStatusLine().getStatusCode()); > >> BufferedReader isr = new > BufferedReader (new > >> InputStreamReader(response.getEntity().getContent())); > >> while (isr.readLine() != null) { > >> System.out.println("Content > is: ********" + isr.readLine()); > >> } > >> HttpEntity entity = > response1.getEntity(); > >> EntityUtils.consume(entity); > >> } catch (ClientProtocolException e) { > >> // TODO Auto-generated catch block > >> e.printStackTrace(); > >> } catch (IOException e) { > >> // TODO Auto-generated catch block > >> e.printStackTrace(); > >> } > >> > >> Added the HTTP wire log. > >> http://old.nabble.com/file/p32819071/localuser-nabble.txt > >> localuser-nabble.txt > >> > >> Any pointers, please? > >> > >> Thanks, > >> Srivatsan > >> > >> > >> olegk wrote: > >>> > >>> On Sun, 2011-04-17 at 20:03 +0530, Dilshan Edirisuriya > wrote: > >>>> Hi , > >>>> > >>>> I have a web page that need to access with NTLM > authentication on my > >>>> local > >>>> machine and i can see the expected behavior with Web > browsers. But when > >>>> I > >>>> try to access same page using HTTPClient 4.1 I'm getting > following > >>>> exception. > >>>> > >>>> > >>>> Apr 17, 2011 7:18:23 PM > >>>> > org.apache.http.client.protocol.RequestTargetAuthentication > process > >>>> SEVERE: Authentication error: Invalid name provided > (Mechanism level: > >>>> Could > >>>> not load configuration file C:\Windows\krb5.ini (The > system cannot find > >>>> the > >>>> file specified)) > >>>> Status :: HTTP/1.1 401 Unauthorized > >>>> > >>>> > >>> > >>> Dilshan > >>> > >>> HttpClient chooses SPNEGO/kerberos auth scheme over NTLM > per default in > >>> case the server supports both, as SPNEGO/kerberos is > considered somewhat > >>> more secure than NTLM. > >>> > >>> You can alter the order of preferred auth schemes by using > >>> 'http.auth.target-scheme-pref' or > 'http.auth.proxy-scheme-pref' > >>> parameters: > >>> > >>> > > http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html#d4e869 > >>> > >>> Just a general remark: when troubleshooting problems with > HttpClient a > >>> wire / context log of the HTTP session exhibiting the > problem helps a > >>> great deal. > >>> > >>> Oleg > >>> > >>> > >>>> This is my sample code and it exactly same as example > given in here > >>>> > > http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html#ntlm > >>>> > >>>> DefaultHttpClient httpclient = new DefaultHttpClient(); > >>>> > >>>> NTCredentials creds = new NTCredentials("user", "pwd", > "machin-name", > >>>> "machin-name"); > >>>> > httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, > >>>> creds); > >>>> > >>>> Host target = new HttpHost("localhost", 9090, "http"); > >>>> HttpContext localContext = new BasicHttpContext(); > >>>> > >>>> // Execute a cheap method first. This will trigger NTLM > authentication > >>>> HttpGet httpget = new HttpGet("/hello1"); > >>>> HttpResponse response = httpclient.execute(target, > httpget, > >>>> localContext); > >>>> HttpEntity entity = response.getEntity(); > >>>> System.out.println(" Status :: "+ > response.getStatusLine()); > >>>> > >>>> > >>>> Further analyzing i found there is no 'Authorization:" > header in > >>>> outgoing > >>>> messages where this header is available with browser > access. Please > >>>> note > >>>> that I used same name/password/Domain for browser access > too. > >>>> > >>>> Appreciate for any help to resolve this ? > >>>> > >>>> Thank you , > >>>> > >>>> Dilshan > >>> > >>> > >>> > >>> > --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: > [email protected] > >>> For additional commands, e-mail: > [email protected] > >>> > >>> > >>> > >> > >> > > > > > > -- > > View this message in context: > > http://old.nabble.com/Issues-accessing-NTLM-server-using-HTTPClient-4.1-tp31417743p32855631.html > Sent from the HttpClient-User mailing list archive at > Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [email protected] > For additional commands, e-mail: > [email protected] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
